jade
c32a01f9eb
This can release x86_64-linux binaries to staging, with ephemeral keys.
I think it's good enough to review at least at this point, so we don't
keep adding more stuff to it to make it harder to review.
Change-Id: Ie95e8f35d1252f5d014e819566f170b30eda152e
19 lines
674 B
Python
19 lines
674 B
Python
import subprocess
|
|
import json
|
|
from . import environment
|
|
|
|
|
|
def get_ephemeral_key(
|
|
env: environment.RelengEnvironment) -> environment.S3Credentials:
|
|
output = subprocess.check_output([
|
|
'ssh', '-l', 'root', environment.S3_HOST, 'garage-ephemeral-key',
|
|
'new', '--name', f'releng-{env.name}', '--read', '--write',
|
|
'--age-secs', '3600',
|
|
env.releases_bucket.removeprefix('s3://'),
|
|
env.cache_bucket.removeprefix('s3://')
|
|
])
|
|
d = json.loads(output.decode())
|
|
return environment.S3Credentials(name=d['name'],
|
|
id=d['id'],
|
|
secret_key=d['secret_key'])
|